[Kea-users] Question on kea-ddns

Jason Guy jguy at cumulusnetworks.com
Tue Jul 24 23:46:20 UTC 2018


Hi Thomas,

I am currently using 1.3 as well. The DDNS works great, though I found
there are some cases where the DDNS to powerdns fails to update the entry
if a previous one still exists. There does not seem to be any way to force
the update by overwriting the existing one, even though Kea knows it just
reused the lease. It is a corner case in a lab environment.

However, I set the following for DDNS (this is yaml from my ansible
playbook, but it should be easy to map to the kea config json syntax):

# DHCP4 configs

# Dynamic DNS update requests are known as NameChangeRequests or NCRs.
# Each NCR contains the following information:
# - update action: add (update) or remove DNS entries
# - entry to update: forward (A records), reverse (PTR records), or both.
# - details: FQDN, lease address, and DHCID
  dhcp-ddns:
    enable-updates: true
    qualifying-suffix: "{{ global.dns.domain_name }}"
    override-client-update: true  # Kea generates forward and reverse updates
    override-no-update: true  # Always create DNS updates
    replace-client-name: when-not-present

#DDNS configs - TSIG is optional, but probably a good idea for security

  DhcpDdns:
    ip-address: 127.0.0.1  #kea default
    port: 53001  #kea default
    tsig-keys:
    - name: "{{global.dns.dnssec.tsig_name}}"
      algorithm: "{{global.dns.dnssec.tsig_algorithm }}"
      secret: "{{ dns_tsig_secret|default('==undefined==') }}"
    forward-ddns:
      ddns-domains:
      - name: "{{global.dns.domain_name}}."
        key-name: "{{global.dns.dnssec.tsig_name}}"
        dns-servers:
        - ip-address: "{{global.dns.server.ipv4}}"
          port: 5300
    reverse-ddns:
      ddns-domains:
      - name: "{{global.dns.rev_domain.ipv4}}."
        key-name: "{{global.dns.dnssec.tsig_name}}"
        dns-servers:
        - ip-address: "{{global.dns.server.ipv4}}"
      - name: "{{global.dns.rev_domain.ipv6}}."
        key-name: "{{global.dns.dnssec.tsig_name}}"
        dns-servers:
        - ip-address: "{{global.dns.server.ipv4}}"
          port: 5300

I hope this helps to compare to a known working config.
Jason
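
A pre-deployment check for a config like the one above, added here as an example (it is not part of the original message or of Kea). It flags a TSIG secret that is not base64, such as the rendered '==undefined==' template default, domains whose updates would go out unsigned, and dns-servers entries left on Kea's default port 53. The function name lint_d2 and all sample names and addresses are constructed for illustration.

```python
import re

# TSIG algorithm names listed in the Kea D2 documentation.
KEA_TSIG_ALGS = {"HMAC-MD5", "HMAC-SHA1", "HMAC-SHA224",
                 "HMAC-SHA256", "HMAC-SHA384", "HMAC-SHA512"}
# Strict base64: full 4-char groups, padding only at the end.
B64 = re.compile(r"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?")

def lint_d2(cfg):
    """Return findings for a rendered kea-dhcp-ddns config (as a dict)."""
    d2, findings, keys = cfg["DhcpDdns"], [], set()
    for key in d2.get("tsig-keys", []):
        keys.add(key["name"])
        # Assumption: algorithm names are compared case-insensitively.
        if key["algorithm"].upper() not in KEA_TSIG_ALGS:
            findings.append(f"key {key['name']}: unknown algorithm {key['algorithm']}")
        if not key["secret"] or not B64.fullmatch(key["secret"]):
            findings.append(f"key {key['name']}: secret is not base64")
    for section in ("forward-ddns", "reverse-ddns"):
        for dom in d2.get(section, {}).get("ddns-domains", []):
            where = f"{section} {dom['name']}"
            key_name = dom.get("key-name", "")
            if not key_name:
                findings.append(f"{where}: no key-name, updates are unsigned")
            elif key_name not in keys:
                findings.append(f"{where}: key-name {key_name} is not in tsig-keys")
            for srv in dom.get("dns-servers", []):
                if "port" not in srv:
                    findings.append(f"{where}: {srv['ip-address']} has no port, 53 is used")
    return findings

# Constructed sample: the shape of the config above after templating, with the
# TSIG secret variable left unset so the '==undefined==' default was rendered.
SAMPLE = {"DhcpDdns": {
    "ip-address": "127.0.0.1", "port": 53001,
    "tsig-keys": [{"name": "ddns-key", "algorithm": "HMAC-SHA256",
                   "secret": "==undefined=="}],
    "forward-ddns": {"ddns-domains": [
        {"name": "lab.example.", "key-name": "ddns-key",
         "dns-servers": [{"ip-address": "192.0.2.53", "port": 5300}]}]},
    "reverse-ddns": {"ddns-domains": [
        {"name": "2.0.192.in-addr.arpa.", "key-name": "ddns-key",
         "dns-servers": [{"ip-address": "192.0.2.53"}]}]},
}}

if __name__ == "__main__":
    for finding in lint_d2(SAMPLE):
        print(finding)
```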


On Tue, Jul 24, 2018 at 9:49 AM Thomas Markwalder <tmark at isc.org> wrote:

> Hello Jim:
>
> Currently, kea-dhcp4 does DNS updates if the client sends either the
> Host Name or FQDN options in the REQUEST.  If it sends both, the server
> will use FQDN.  Typically a client would issue a DISCOVER asking for the
> Host Name, and then send it back in the REQUEST, or use it to construct
> a FQDN option and send that in the request.  If your client is not
> providing either option, the server does not do DNS.
>
> Regards,
>
> Thomas Markwalder
> ISC Software Engineering
>
>
> On 07/23/2018 10:19 PM, J wrote:
> > Perhaps newbie question…?
> >
> > Using Kea 1.3 with ddns hooks and feeding powerDNS, both backed by mysql.
> >
> > Have a reservation set for a client machine (using MAC) which works
> > fine.  But after lease is given out, no DDNS update is attempted (as
> > evidenced in the kea-ddns.log file).  Other clients getting addresses from a
> > free/random range on the same VLAN get put into powerDNS (including PTR
> > records)
> >
> > Is there something about the reservation that is causing the ddns call
> > not to occur?
> >
> > Thanks in advance
> > Jim.
> > _______________________________________________
> > Kea-users mailing list
> > Kea-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/kea-users
>